const express = require('express');
const app = express();

function checkAuthentication(req) {
  /*
  I am considering this as my authentication function. 
  When the user logged in, server has sent him a token, which now will act as a validator. 
  */

  if (req.headers.token) {
    const user = someFunctionToFetchUser(req.header.token)
    return user
  } else {
    return false
  }
}

/*
Now I want a function to be there on each protected api routes
to make user if user has a valid token then only allow them to interact with the data base otherwise throw an error 
*/


const authMiddleware = (req, res, next) => {
  // Check if user is authenticated
  const isAuthenticated = checkAuthentication(req);

  if (isAuthenticated) {
    // Now you have verified the has valid a token. So allow user 
    // to reach to the controller or any other middleware, if any.
    next();
  } else {
    // User is not authenticated, send an unauthorized response
    res.status(401).send('Unauthorized');
  }
};

// Middleware function is applied to specific routes
app.get('/protected', authMiddleware, (req, res) => {
  res.send('Protected Route');
});

// You can have any number of middlewares
app.get('/protected', authMiddleware, someOtherMiddleware, (req, res) => {
  res.send('Protected Route');
});

// And also you can pass data from middleware to next middleware/controller also by attahching it with request

function newMiddleware(req, res, next) {
  req.foo = "bar" //Now you can access this foo variable in next function.
}